A checkbox approach to security, focusing on narrow compliance issues, does little to help ensure patient data remains secure. Healthcare organizations must create a practical action plan to accomplish many goals, such as ensuring endpoints are secure, minimizing the risk of breaches, and reducing stakeholder liability. In this session, our presenter will describe in detail how organizations can build an effective measurement of security controls to construct a realistic cybersecurity scorecard representing their true security posture - as well as their regulatory compliance.

Request to Republish Content

Email this Content

Christopher Strand

Sr. Director, Compliance and Governance Programs, Carbon Black

Strand leads Carbon Black's IT governance, audit and compliance programs. With more than 20 years of information technology and compliance experience, he oversees the development of enterprise network and application security solutions that help organizations deploy positive security to maintain and improve their compliance posture. Previously, Strand held security/compliance positions at Trustwave, Tripwire, EMC/RSA, and Compuware. A PCI Professional (PCIP) and trained Quality Security Assessor (QSA), he also has been certified on and is proficient with other regulatory disciplines including HIPAA, North American Electrical Reliability Corporation (NERC) and Gramm-Leach-Bliley Act (GLBA). Strand regularly speaks about security and compliance issues and best practices on webinars and at industry conferences. He has authored several white papers, published articles in security industry journals, and is frequently quoted by leading media outlets.